hostapd for authentication of win wifi clients

Bob Beers bbeers
Wed Jul 28 07:57:36 PDT 2004 

 >
 > Now, I want to tie this in to a postgreSQL database vs. the users file ...
 >

I am venturing into territory that probably doesn't belong
  directly on the hostap mailing list anymore.  But if anyone
  watching this list has done what I'm trying to do, I would
  appreciate any pointers.  I'm ok with taking the discussion off
  list if necessary.  I'm very green with postgresql.

But, I'm not getting the authentication accepted from my database.
(but I did just using the users file)

  I have only one entry in my radcheck table:
   1 bob User-Name      == bob
   2 bob User-Password  == bob
   3 bob NAS-IP-Address == 172.16.87.23
   4 bob NAS_Port       >= 0

My postgresql.conf is attached, and radiusd output after
  attempting to authenticate is here:

rad_recv: Access-Request packet from host 172.16.87.23:1028, id=97, length=195
         User-Name = "bob"
         NAS-IP-Address = 172.16.87.23
         NAS-Port = 1
         Called-Station-Id = "00-09-5B-41-10-B4:dugtrio"
         Calling-Station-Id = "00-06-25-A7-64-28"
         Framed-MTU = 1400
         NAS-Port-Type = Wireless-802.11
         Connect-Info = "CONNECT 11Mbps 802.11b"
         EAP-Message = 
0x020800261900170301001be85a48a5e917b84de115f63957b55ba323ba9dff7ea49b478d9e8d
         State = 0x5ff716e93be89b31d24ae54d2e031327
         Message-Authenticator = 0xf77742064eca6d431016517b2e0404d6
   Processing the authorize section of radiusd.conf
modcall: entering group authorize for request 30
   modcall[authorize]: module "preprocess" returns ok for request 30
   modcall[authorize]: module "chap" returns noop for request 30
   modcall[authorize]: module "mschap" returns noop for request 30
     rlm_realm: No '@' in User-Name = "bob", looking up realm NULL
     rlm_realm: No such realm "NULL"
   modcall[authorize]: module "suffix" returns noop for request 30
   rlm_eap: EAP packet type response id 8 length 38
   rlm_eap: No EAP Start, assuming it's an on-going EAP conversation
   modcall[authorize]: module "eap" returns updated for request 30
radius_xlat:  'bob'
rlm_sql (sql): sql_set_user escaped user --> 'bob'
radius_xlat:  'SELECT id, UserName, Attribute, Value, Op ??FROM radcheck ??WHERE 
Username = 'bob' ??ORDER BY id'
rlm_sql (sql): Reserving sql socket id: 1
rlm_sql_postgresql: query: SELECT id, UserName, Attribute, Value, Op ??FROM 
radcheck ??WHERE Username = 'bob' ??ORDER BY id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: affected rows =
radius_xlat:  'SELECT radgroupcheck.id, radgroupcheck.GroupName, 
??radgroupcheck.Attribute, radgroupcheck.Value,radgroupcheck.Op ??FROM 
radgroupcheck, usergroup ??WHERE usergroup.Username = 'bob' AND 
usergroup.GroupName = radgroupcheck.GroupName ??ORDER BY radgroupcheck.id'
rlm_sql_postgresql: query: SELECT radgroupcheck.id, radgroupcheck.GroupName, 
??radgroupcheck.Attribute, radgroupcheck.Value,radgroupcheck.Op ??FROM 
radgroupcheck, usergroup ??WHERE usergroup.Username = 'bob' AND 
usergroup.GroupName = radgroupcheck.GroupName ??ORDER BY radgroupcheck.id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: affected rows =
radius_xlat:  'SELECT id, UserName, Attribute, Value, Op ??FROM radreply ??WHERE 
Username = 'bob' ??ORDER BY id'
rlm_sql_postgresql: query: SELECT id, UserName, Attribute, Value, Op ??FROM 
radreply ??WHERE Username = 'bob' ??ORDER BY id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: affected rows =
radius_xlat:  'SELECT radgroupreply.id, radgroupreply.GroupName, 
radgroupreply.Attribute, ??radgroupreply.Value, radgroupreply.Op ??FROM 
radgroupreply,usergroup ??WHERE usergroup.Username = 'bob' AND 
usergroup.GroupName = radgroupreply.GroupName ??ORDER BY radgroupreply.id'
rlm_sql_postgresql: query: SELECT radgroupreply.id, radgroupreply.GroupName, 
radgroupreply.Attribute, ??radgroupreply.Value, radgroupreply.Op ??FROM 
radgroupreply,usergroup ??WHERE usergroup.Username = 'bob' AND 
usergroup.GroupName = radgroupreply.GroupName ??ORDER BY radgroupreply.id
rlm_sql_postgresql: Status: PGRES_TUPLES_OK
rlm_sql_postgresql: affected rows =
rlm_sql (sql): Released sql socket id: 1
   modcall[authorize]: module "sql" returns ok for request 30
modcall: group authorize returns updated for request 30
   rad_check_password:  Found Auth-Type EAP
auth: type "EAP"
   Processing the authenticate section of radiusd.conf
modcall: entering group authenticate for request 30
   rlm_eap: Request found, released from the list
   rlm_eap: EAP/peap
   rlm_eap: processing type peap
   rlm_eap_peap: Authenticate
   rlm_eap_tls: processing TLS
   eaptls_verify returned 7
   rlm_eap_tls: Done initial handshake
   eaptls_process returned 7
   rlm_eap_peap: EAPTLS_OK
   rlm_eap_peap: Session established.  Decoding tunneled attributes.
   rlm_eap_peap: Received EAP-TLV response.
   rlm_eap_peap: Tunneled data is valid.
   rlm_eap_peap:  Had sent TLV failure, rejecting.
  rlm_eap: Handler failed in EAP/peap
   rlm_eap: Failed in EAP select
   modcall[authenticate]: module "eap" returns invalid for request 30
modcall: group authenticate returns invalid for request 30
auth: Failed to validate the user.
Delaying request 30 for 1 seconds
Finished request 30
Going to the next request
Waking up in 5 seconds...
rad_recv: Access-Request packet from host 172.16.87.23:1028, id=97, length=195
Sending Access-Reject of id 97 to 172.16.87.23:1028
         EAP-Message = 0x04080004
         Message-Authenticator = 0x00000000000000000000000000000000
--- Walking the entire request list ---
Waking up in 4 seconds...
--- Walking the entire request list ---
Cleaning up request 22 ID 89 with timestamp 4107b007
Cleaning up request 23 ID 90 with timestamp 4107b007
Cleaning up request 24 ID 91 with timestamp 4107b007
Cleaning up request 25 ID 92 with timestamp 4107b007
Cleaning up request 26 ID 93 with timestamp 4107b007
Waking up in 1 seconds...
--- Walking the entire request list ---
Cleaning up request 27 ID 94 with timestamp 4107b008
Cleaning up request 28 ID 95 with timestamp 4107b008
Cleaning up request 29 ID 96 with timestamp 4107b008
Cleaning up request 30 ID 97 with timestamp 4107b008
Nothing to do.  Sleeping until we see a request.


Thanks,

-Bob

-- 
Bob Beers
MIEEE 2415966
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: postgresql.conf
Url: http://lists.shmoo.com/pipermail/hostap/attachments/20040728/bc3dcff3/attachment.txt

More information about the Hostap mailing list